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DETAILED ACTION 

1 . Claims 1-47 have been examined. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

3. Claims 1-7, 9-13, 16-23, 25-29, 31-39, 41-45, and 47 are rejected under 35 U.S.C. 102(a) 
as being clearly anticipated by Czerwinski et al "An Architecture for a Secure Service Discovery 
Service" (hereinafter Czerwinski). 

4. As per claim 1,17, and 33, Czerwinski discloses a method for accessing a service in a 
distributed computing environment, comprising: a client locating a first service within the 
distributed computing environment (Czerwinski: page 26 sections 3 and 3.1); the client 
requesting a capability credential to allow the client access to a portion of the first serviced 
capabilities (Czerwinski: page 27 sections 3.3 and 3.4), wherein said requesting a capability 
credential comprises the client indicating a set of desired capabilities (Czerwinski: page 27 
sections 3.3 and 3.4); the client receiving said capability credential, wherein said capability 
credential indicates that the client has the right to use said portion of the first service's 
capabilities (Czerwinski: page 27 sections 3.3 and 3.4); and the client using said capability 
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credential to access one or more of said portion of the first service's capabilities (Czerwinski: 
page 27 sections 3.3 and 3.4). 

5. As per claim 2, 18, and 34, Czerwinski discloses the method as recited in claims 1, 17, 
and 33 respectively. Czerwinski further discloses wherein said requesting a capability credential 
comprises the client sending a capability credential request message (Czerwinski: page 27 
sections 3.3 and 3.4), wherein said capability credential request message comprises an 
identification of said first service and an indication of the set of desired capabilities (Czerwinski: 
page 27 sections 3.3 and 3.4). 

6. As per claim 3, 19, and 35, Czerwinski discloses the method as recited in claims 2, 18, 
and 34 respectively. Czerwinski further discloses wherein said identification of said first service 
comprises a Universal Unique Identifier (UUID) (Czerwinski: page 32 section 6.1). 

7. As per claim 4, 20, and 36, Czerwinski discloses the method as recited in claims 2 18, 
and 34 respectively. Czerwinski further discloses wherein said capability credential request 
message is formatted in extensible Markup Language (XML) (Czerwinski: page 27 section 3.1: 
a client sends a query in from of an XML template; page 27 section 3.1: the client specifies 
certificate that it is interested, and the CA returns the certificate; page28 section 3.4). 

8. As per claim 5, 21, and 37, Czerwinski discloses the method as recited in claims 2, 18, 
and 34 respectively. Czerwinski further discloses the method comprising: the client receiving an 
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advertisement for the first service (Czerwinski: page 26 section 3.1; page 27 section 3.3; page 28 
section 3.4), wherein said advertisement describes the portion of the first service's capabilities 
(Czerwinski: page 26 section 3.1; page 27 section 3.3; page 28 section 3.4); and wherein said 
indication of the set of desired capabilities comprises an indication of said advertisement 
(Czerwinski: page 26 section 3.1; page 27 section 3.3; page 28 section 3.4). 

9. As per claim 6, 22, and 38, Czerwinski discloses the method as recited in claims 5, 21, 
and 37 respectively. Czerwinski further discloses wherein said indication of said advertisement is 
said advertisement itself (Czerwinski: page 26 section 3.1; page 27 section 3.3; page 28 section 
3.4). 



10. As per claim 7, 23, and 39, Czerwinski discloses the method as recited in claims 5, 22, 
and 37 respectively. Czerwinski further discloses wherein said indication of said advertisement is 
a Uniform Resource Identifier (URI) to said advertisement (Czerwinski: page 27 section 3.1; 
page 28 section 3.4: a capability proves the client is on ACL by embedding the client's principal 
name and the service name; page 32 section 6.1: DNS and globe unique object identifier map to 
a service). 



11. As per claim 9, 25, and 41, Czerwinski discloses the method as recited in claims 5, 21 , 
and 37 respectively. Czerwinski further discloses wherein said advertisement is a protected 
advertisement that describes the first service's capabilities but does not provide an interface to the 
first service's capabilities (Czerwinski: page 27 section 3.2). 
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12. As per claim 10, 26, and 42, Czerwinski discloses the method as recited in claims 1,17, 
and 33 respectively. Czerwinski further discloses the method comprising: the client receiving a 
protected advertisement for the first service (Czerwinski: page 26 section 3.1; page 27 sections 
3.2 and 3.3; page 28 section 3.4), wherein said protected advertisement indicates an address for 
sending said capability credential request message to (Czerwinski: page 26 section 3.1; page 27 
sections 3.2 and 3.3; page 28 section 3.4); and wherein said requesting a capability credential 
comprises the client sending a capability credential request message to said address indicated in 
said protected advertisement (Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; 
page 28 section 3.4). 

13. As per claim 11, 27, 28, 43, and 44, Czerwinski discloses the method as recited in claims 
10, 26, 27, 43, and 43 respectively. Czerwinski further discloses wherein said address indicated 
in said protected advertisement is for an authentication service (Czerwinski: page 26 section 3.1; 
page 27 sections 3.2 and 3.3; page 28 section 3.4), wherein said sending a capability credential 
request message comprises sending said capability credential request message to said 
authentication service (Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; page 28 
section 3.4), the method further comprising the authentication service sending a credential 
request response message to the client in response to said capability credential request message 
(Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; page 28 section 3.4). 
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14. As per claim 12, Czerwinski discloses the method as recited in claim 1 1 . Czerwinski 
further discloses wherein said credential request response message includes said capability 
credential, wherein said receiving said capability credential comprises receiving said capability 
credential from said authentication service in said credential request response message 
(Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; page 28 section 3.4). 

15. As per claim 13, 29, and 45, Czerwinski discloses the method as recited in claims 1, 17, 
and 33 respectively. Czerwinski further discloses the method comprising: the client receiving a 
protected advertisement for the first service, wherein said protected advertisement indicates an 
authentication service; and wherein said requesting a capability credential comprises the client 
requesting a capability credential from said authentication service(Czerwinski: page 26 section 
3.1; page 27 sections 3.2 and 3.3; page 28 section 3.4). 

16. As per claim 16, 31, and 47, Czerwinski discloses the method as recited in claims 1, 17, 
and 33 respectively. Czerwinski further discloses wherein said using said capability credential to 
access one or more of said portion of the first services capabilities comprises the client sending a 
message to the first service to access a first capability (Czerwinski: page 26 section 3.1; page 27 
sections 3.2 and 3.3; page 28 section 3.4), wherein the message includes said capability 
credential, the method further comprising the first service authenticating said capability 
credential received in the message to verify that the client has the right to use said first capability 
(Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; page 28 section 3.4). 
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17. As per claim 32, Czerwinski discloses the method as recited in claim 17. Czerwinski 
further discloses said interface comprises one or more processes executable on a processor 
within the client device (Czerwinski: page 26 section 3.1; page 27 sections 3.2 and 3.3; page 28 
section 3.4). 

Claim Rejections - 35 USC § 103 

18. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

19. Claims 8, 24, and 40 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Czerwinski in view of Vacon et al. U.S. Pat. No. 5227778 (hereinafter Vacon). 

20. As per claim 8, 24, and 40, Czerwinski discloses the method as recited in claims 5, 21, 
and 37 respectively . Czerwinski discloses wherein said advertisement describes all of the first 
service's capabilities (Czerwinski: page 27 section 3.2). However, Czerwinski does not explicitly 
disclose wherein said indication of said advertisement in said capability credential request 
message in a version of said advertisement edited to describe only said set of desired capabilities. 
However, Vacon discloses advertisement server stores a plurality of services and the client is 
able to query the service by providing interested function (Vacon: column 1 line 57 - column 2 
line 56). It would have been obvious to one having ordinary skill in the art at the time of 
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applicant's invention to combine the teachings of Vacon within the system of Czerwinski 
because providing desired capability to search for services is well known in the art. 

21. Claims 14, 15, 30, and 46 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Czerwinski in view of Johnson et al. U.S. Pat. No. 5560008 (hereinafter Johnson). 

22. As per claim 14, Czerwinski discloses the method as recited in claim 13. Czerwinski does 
not explicitly disclose the method further comprising: said authentication service determining a 
level of the first service's capabilities that the client is authorized to use; said authentication 
service generating said capability credential according to said level and said set of desired 
capabilities; and said authentication service sending said capability credential to the client, 
wherein said portion of the first service's capabilities that said capability credential indicates that 
the client has a right to use is no more than said set of desired capabilities. However, Johnson 
discloses generating capability credential according user's information (Johnson: column 5 line 
30 - column 6 line 60). It would have been obvious to one having ordinary skill in the art at the 
time of applicant's invention to combine the teachings of Johnson within the system of 
Czerwinski because generating user credentials eliminate the need for client to go through 
authentication process every time a service is requested. 

23. As per claim 15, 30, and 46, Czerwinski as modified discloses the method as recited in 
claims 14, 29, and 45 respectively. Czerwinski as modified further discloses wherein said portion 
of the first service's capabilities that said capability credential indicates that the client has a right 
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to use is the lesser of said level of the first service's capabilities that the client is authorized to use 
and said set of desired capabilities (Johnson: column 5 line 30 - column 6 line 60). 

Response to Arguments 

24. Applicant's arguments filed on 1 1/16/04 have been fully considered but they are not 
persuasive. 

25. As per claim 1, applicant argues that the reference does not discloses disclose the client 
indicating a set of desired capabilities. However, Czerwinski discloses a client contacts the CA 
and specifies the principal's certificate that it is interested in (section 3.3). 

26. As per claim 2, applicant argues that the reference does not disclose the credential request 
message comprises an identification of said first service and an indication of the set of desired 
capabilities. However, Czerwinski discloses the first service, which is the SDS service, and the 
set of desired capabilities (section 3.1 paragraph 5 and 6.1). Therefore, applicant's argument is 
respectfully traversed. 

27. As per claim 3, applicant argues that the identification of said first service comprises a 
UUED. However, Czerwinski discloses that the SDS is connected to the client through ARMI, 
which commonly uses UUID to identify the service (section 3.1 paragraph 5 and 3.5.3). 

28. As per claim 4, applicant argues that the reference does not disclose the capability 
credential request message is formatted in XML. However, since the SDS query is in XML 
format and the query contains the capabilities. Therefore, the capabilities credential request 
message and the credential are communicated in XML format in order to make it easier to 
communicate. 
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29. As per claim 5, applicant argues that reference does not disclose an indication of said 
advertisement. However, Czerwinski discloses the advertisement domain contains the service 
announcements and contact information for the capability manager and certificate authority that 
are indication of the desired capabilities. 



Conclusion 

30. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Shambroom U.S. Pat. No. 6301661 discloses enhanced security for applications 
employing downloadable executable content. 

Trostle U.S. Pat. No. 6775783 discloses client security for networked applications. 

Prabandham et al. U.S. Pat. No. 6668327 discloses distributed authentication mechanisms 
for handling diverse authentication systems in an enterprise computer system. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shin-Hon Chen whose telephone number is (571) 272-3789. The 
examiner can normally be reached on Monday through Friday 8:30am to 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Shin-Hon Chen 
Examiner 
Art Unit 2131 
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